Modern business operations typically require many communication devices and technologies that include routers, firewalls, switches, file servers, business applications (e.g., ERP, CRM, manufacturing), etc operating in physical, virtual, or “cloud” environments. Generally, such devices and technologies report their health and status by writing log files. For example, computer processors are responsible for processing vast amounts of data for a variety of applications. To determine how a certain application may be processed by a computer processor, engineers typically design the application with a log file that records various functional and auditing outputs within the application. That is, certain functions within the application may output data to the log file so that the engineers may diagnose problems (e.g., software bugs) and/or observe general operational characteristics of the application.
By observing the general operational characteristics of an application, certain valuable information may also be ascertained. For example, log files generated by a file server may record logins. In this regard, certain logins may be unauthorized and their prevention desired. However, with the multitude of devices, hosts and their corresponding applications available, a bewildering array of log data may be generated across the IT environment or network. Additionally, networks are often augmented and upgraded with additional systems that provide even more logs. Adding to the complexity of the situation, devices and applications of these networks vary in so many ways and so do their corresponding log file formats. Attempting to comprehensively review log files across so many technologies has generally been impractical.